Cross-site scripting (XSS) vulnerability in PrettyBook PrettyFormMail allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Per: http://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000007.html
'Solution
[Do not use PrettyFormMail]
As patches will not be provided, users are recommended to discontinue use of PrettyFormMail and switch to a different product that provides equivalent functionality. '
Publication date: Fri, 09 Apr 2010 22:30:00 +0000